Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

SEP On PDC

Created: 06 Oct 2011 | 8 comments

Hi, i want to know if it is safe to install Symantec Endpoint Protection 12.1 on a domain controller. If advisable, what are the precautions that i need to take? 

Comments 8 CommentsJump to latest comment

Hidayet ALTUN's picture

Hi Phyliche,

Install, no problem

Installation and Migration Documents for Symantec Endpoint Protection 12.1

http://www.symantec.com/business/support/index?page=content&id=TECH163707&key=54619

Phyliche's picture

Thanks for the response. One more thing, are there any specific files that would need to be excluded from being scanned since it is a domain controller? In order to mitigate any issues in the future. 

SolarisMaestro's picture

Here are some good docs to check out with regards to Domain Controllers:

Best Practices for Installing Symantec Endpoint Protection (SEP) on Windows Servers
http://www.symantec.com/docs/TECH92440

Symantec Endpoint Protection: Adding Network Service to the Default Domain Controller Policy
http://www.symantec.com/docs/TECH103704

Best practices for remediating W32.Qakbot infected networks
http://www.symantec.com/docs/TECH158678

Overall, SEP 12.1 should have less issues being installed on DC since it only uses Apache now and has abandoned the use of IIS where a few issues were seen in SEP 11.x and GPOs/IIS.

Thank you for marking as a solution if you felt this response met your needs!

Phyliche's picture

Thank you so much for the information.

Chetan Savade's picture

Hi,

SEP 12.1 is the latest built by Symantec & it's supporting almost all the latest operating sytems.

You can install SEP on DC without any issue. Even on Exchange server there is no need to do any manual exclusion.

Only one call you will have to take i.e you want to continue with Windows firewall or Symantec firewall (NTP feature)

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

Phyliche's picture

Hi, so the no exclusions apply even if the OS is Windows server 2003 R2 Edition or is that only for newer OS's.

Chetan Savade's picture

Hi,

No manual exclusions are required even you are using Windows server 2003 R2..

It's applicable for all the operating sytems if you are using latest Symantec built.

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

Phyliche's picture

Thanks to everyone for the responses.